Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/0AzkBQ0JFA5bEdMYWaXszlLBOLI.roa
File: 0AzkBQ0JFA5bEdMYWaXszlLBOLI.roa (raw, json)
Hash identifier: YT2lPNDQMAbFCNjc+R1VwQhA1zu37s9zIndAypywbp4=
Subject key identifier: D0:0C:E4:05:0D:09:14:0E:5B:11:D3:18:59:A5:EC:CE:52:C1:38:B2
Certificate issuer: /CN=6a016dad273047b18886691485dedd97171c4d68
Certificate serial: 018CC8DE45633E0961E2720B1FB0169A1A72
Authority key identifier: 6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/0AzkBQ0JFA5bEdMYWaXszlLBOLI.roa
Signing time: Tue 02 Jan 2024 06:30:59 +0000
ROA not before: Tue 02 Jan 2024 06:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 194.1.164.0/24 maxlen: 24
194.1.165.0/24 maxlen: 24
194.1.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:45:63:3e:09:61:e2:72:0b:1f:b0:16:9a:1a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a016dad273047b18886691485dedd97171c4d68
Validity
Not Before: Jan 2 06:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d00ce4050d09140e5b11d31859a5ecce52c138b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:cc:3f:70:40:ab:ed:fd:d6:4b:61:b5:a3:
7c:db:4c:86:1e:e6:92:e9:2a:bd:c6:95:6c:27:a3:
73:02:cd:3b:5f:01:75:09:9c:88:a1:68:dc:68:83:
79:5d:ee:1f:dd:68:11:28:ad:09:fd:28:00:8c:dc:
c2:50:10:61:ce:b6:82:5c:46:fd:b1:ff:a0:29:66:
d2:24:be:2e:29:38:63:4d:e5:ce:4d:d2:b5:20:78:
fd:09:d2:a9:fa:f8:63:c4:b1:57:c2:52:aa:57:b8:
03:7c:19:f8:6b:3f:c0:a0:0f:43:a4:66:a0:af:c4:
b8:24:95:ef:b4:7f:f0:16:ec:1f:1d:90:6c:2d:1e:
71:c0:64:f0:66:ed:ae:a6:9f:f2:c6:3e:3f:5c:fa:
cf:1b:77:58:82:d4:59:b5:c8:96:87:fc:c9:f2:f1:
c5:e3:b5:40:58:db:7d:fe:35:9f:87:9b:ff:43:2d:
cc:13:ab:0f:c6:80:23:8b:c0:4a:46:3e:6b:b4:7c:
7e:6f:5a:cc:c7:55:bd:cf:bf:a0:3d:b7:e1:a5:e9:
0b:96:06:74:f9:cd:75:c3:31:ce:eb:77:3a:4c:eb:
43:2e:eb:48:85:68:11:cd:af:15:c2:50:59:f6:43:
9b:3b:a9:03:72:42:e1:22:28:13:f4:6d:3f:50:a6:
78:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0C:E4:05:0D:09:14:0E:5B:11:D3:18:59:A5:EC:CE:52:C1:38:B2
X509v3 Authority Key Identifier:
keyid:6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/0AzkBQ0JFA5bEdMYWaXszlLBOLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.164.0-194.1.166.255
Signature Algorithm: sha256WithRSAEncryption
10:98:f7:6e:15:97:0b:70:b9:00:b1:97:90:fc:d2:71:4a:d5:
78:fb:fd:e3:38:e5:19:d6:78:09:8d:b5:e6:13:3c:ae:5f:9d:
16:fd:15:b5:d3:a2:0c:35:15:8d:be:0f:73:69:5b:08:19:52:
cf:26:6b:6d:b2:24:f3:fd:f1:58:35:a0:06:e7:f1:c6:50:07:
7c:09:58:fd:46:f4:c2:ac:a7:ed:13:c4:a8:62:9e:7d:90:e6:
7e:14:7a:38:46:96:97:c5:3a:b2:bd:e8:18:3f:ba:ee:78:b2:
ab:1c:ff:76:28:7e:d8:e8:28:21:1f:5e:c2:93:5b:38:29:69:
60:aa:01:60:82:b1:bd:c5:0e:b1:11:6c:3f:d5:c8:c1:0c:d0:
a6:bf:fe:29:45:c0:e1:83:72:5f:48:6b:23:03:8e:d5:52:3d:
e6:3e:a1:fe:96:14:80:6e:37:cc:e9:1d:fd:ab:95:ea:59:df:
4e:e1:a4:7b:78:48:47:ad:e4:7b:73:2a:4b:4a:fb:5b:76:0a:
35:5f:40:b8:ae:65:7c:d7:f5:98:3a:72:e3:45:3d:cc:f9:04:
b6:58:f1:9c:f7:be:65:05:40:a2:9a:8f:d4:a5:cc:6b:89:4f:
b7:55:1d:3c:86:5a:8a:0b:1b:b4:fb:0c:fe:0a:ff:aa:c3:ac:
d1:db:c2:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3kVjPglh4nILH7AWmhpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDE2ZGFkMjczMDQ3YjE4ODg2NjkxNDg1ZGVkZDk3MTcx
YzRkNjgwHhcNMjQwMTAyMDYzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBjZTQwNTBkMDkxNDBlNWIxMWQzMTg1OWE1ZWNjZTUyYzEzOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj/MP3BAq+391kthtaN820yGHuaS
6Sq9xpVsJ6NzAs07XwF1CZyIoWjcaIN5Xe4f3WgRKK0J/SgAjNzCUBBhzraCXEb9
sf+gKWbSJL4uKThjTeXOTdK1IHj9CdKp+vhjxLFXwlKqV7gDfBn4az/AoA9DpGag
r8S4JJXvtH/wFuwfHZBsLR5xwGTwZu2upp/yxj4/XPrPG3dYgtRZtciWh/zJ8vHF
47VAWNt9/jWfh5v/Qy3ME6sPxoAji8BKRj5rtHx+b1rMx1W9z7+gPbfhpekLlgZ0
+c11wzHO63c6TOtDLutIhWgRza8VwlBZ9kObO6kDckLhIigT9G0/UKZ4NwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNAM5AUNCRQOWxHTGFml7M5SwTiyMB8GA1UdIwQY
MBaAFGoBba0nMEexiIZpFIXe3ZcXHE1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMt
Yzk1MjgwNDkzMmMyLzEvMEF6a0JRMEpGQTViRWRNWVdhWHN6bExCT0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMtYzk1MjgwNDkzMmMy
LzEvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCAaQD
BADCAaYwDQYJKoZIhvcNAQELBQADggEBABCY924VlwtwuQCxl5D80nFK1Xj7/eM4
5RnWeAmNteYTPK5fnRb9FbXTogw1FY2+D3NpWwgZUs8ma22yJPP98Vg1oAbn8cZQ
B3wJWP1G9MKsp+0TxKhinn2Q5n4UejhGlpfFOrK96Bg/uu54sqsc/3YoftjoKCEf
XsKTWzgpaWCqAWCCsb3FDrERbD/VyMEM0Ka//ilFwOGDcl9IayMDjtVSPeY+of6W
FIBuN8zpHf2rlepZ307hpHt4SEet5HtzKktK+1t2CjVfQLiuZXzX9Zg6cuNFPcz5
BLZY8Zz3vmUFQKKaj9SlzGuJT7dVHTyGWooLG7T7DP4K/6rDrNHbwmM=
-----END CERTIFICATE-----
Generated at Thu May 2 11:13:08 2024 by rpki-client on console-ams.rpki-client.org